75 matches found
EUVD-2014-1946
Malware in sbrugna...
EUVD-2014-1945
Malware in sbrugna...
EUVD-2012-6483
Malware in sbrugna...
EUVD-2014-1949
Malware in sbrugna...
EUVD-2014-1943
Malware in sbrugna...
EUVD-2019-0227
Malware in sbrugna...
EUVD-2014-8507
Malware in sbrugna...
MAL-2025-33559 Malicious code in snowdroid-phonegap-fban (npm)
The package snowdroid-phonegap-fban was found to contain malicious code...
MAL-2025-24537 Malicious code in kinvey-phonegap-angular-sdk (npm)
The package kinvey-phonegap-angular-sdk was found to contain malicious code...
Malicious code in kinvey-phonegap-angular-sdk (npm)
The package kinvey-phonegap-angular-sdk was found to contain malicious code...
Malicious code in snowdroid-phonegap-fban (npm)
The package snowdroid-phonegap-fban was found to contain malicious code...
CVE-2014-8671
Cross-site scripting XSS vulnerability in the GWT Mobile PhoneGap Showcase application for Android allows remote attackers to inject arbitrary web script or HTML via a crafted Bluetooth Device Name field...
kinvey-angular-sdk (>=3.4.0 <=3.5.3), kinvey-angular2-sdk (>=3.4.1 <=3.5.2) +6 more potentially affected by CVE-2020-7741 via hellojs (>=1.13.1 <=1.14.1)
hellojs NPM version =1.13.1, =3.4.0, =3.4.1, =3.4.1, =3.4.0, =3.4.1, =3.4.0, =3.4.0, =3.4.1, =3.5.2 Source cves: CVE-2020-7741 Source advisory: OSV:GHSA-7JH9-6CPF-H4M7...
kinvey-angular-sdk (>=3.4.0 <=3.5.3), kinvey-angular2-sdk (>=3.4.1 <=3.5.2) +6 more potentially affected by CVE-2020-7741 via hellojs (>=1.13.1 <=1.14.1)
hellojs NPM version =1.13.1, =3.4.0, =3.4.1, =3.4.1, =3.4.0, =3.4.1, =3.4.0, =3.4.0, =3.4.1, =3.5.2 Source cves: CVE-2020-7741 Source advisory: SNYK:JS-HELLOJS-1014546...
steroids downloads resources over HTTP
Affected versions of steroids insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syste...
CVE-2016-10581
Steroids is PhoneGap on Steroids, providing native UI elements, multiple WebViews and enhancements for better developer productivity. steroids downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out th...
Design/Logic Flaw
Steroids is PhoneGap on Steroids, providing native UI elements, multiple WebViews and enhancements for better developer productivity. steroids downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out th...
CVE-2016-10581
CVE-2016-10581 concerns the Steroids library (PhoneGap on Steroids), which downloads zipped resources over HTTP. The description states this makes it vulnerable to MITM attacks and, if an attacker can position themselves between the user and the server, may allow remote code execution by swapping...
CVE-2016-10581
Steroids is PhoneGap on Steroids, providing native UI elements, multiple WebViews and enhancements for better developer productivity. steroids downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out th...
CVE-2018-4943
Adobe PhoneGap Push Plugin versions 1.8.0 and earlier have an exploitable Same-Origin Method Execution vulnerability. Successful exploitation could lead to JavaScript code execution in the context of the PhoneGap app...